mozilla
/
pjs
зеркало из https://github.com/mozilla/pjs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 342487 - XSLT should use CheckLoadURIWithPrincipal 

p=Ryan Jones <sciguyryan@gmail.com>
r+sr=jonas
This commit is contained in:
asqueella@gmail.com 2007-07-17 14:15:49 -07:00
Родитель a0ee8547a6
Коммит 0cd494b3f6
6 изменённых файлов: 74 добавлений и 38 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

5
content/xml/document/src/nsXMLContentSink.cpp
Просмотреть файл

@ -50,7 +50,6 @@
#include "nsNetUtil.h"
#include "nsIDocShell.h"
#include "nsIDocShellTreeItem.h"
#include "nsIContent.h"
#include "nsIStyleSheetLinkingElement.h"
#include "nsPresContext.h"
#include "nsIPresShell.h"
@ -705,6 +704,7 @@ nsXMLContentSink::LoadXSLStyleSheet(nsIURI* aUrl)
return NS_OK;
}
mXSLTProcessor->Init(mDocument->NodePrincipal());
mXSLTProcessor->SetTransformObserver(this);
nsCOMPtr<nsILoadGroup> loadGroup = mDocument->GetDocumentLoadGroup();
@ -713,8 +713,7 @@ nsXMLContentSink::LoadXSLStyleSheet(nsIURI* aUrl)
return NS_ERROR_FAILURE;
}
return mXSLTProcessor->LoadStyleSheet(aUrl, loadGroup,
mDocument->NodePrincipal());
return mXSLTProcessor->LoadStyleSheet(aUrl, loadGroup);
}
nsresult

8
content/xslt/public/nsIDocumentTransformer.h
Просмотреть файл

@ -67,8 +67,8 @@ public:
NS_DEFINE_STATIC_IID_ACCESSOR(nsITransformObserver, NS_ITRANSFORMOBSERVER_IID)
#define NS_IDOCUMENTTRANSFORMER_IID \
{0x43e5a6c6, 0xa53c, 0x4f97, \
{ 0x91, 0x79, 0x47, 0xf2, 0x46, 0xec, 0xd9, 0xd6 }}
{0x17c83d91, 0xac2f, 0x4658, \
{ 0x91, 0x6c, 0xcb, 0xc4, 0xd2, 0xb5, 0x2c, 0xe }}
class nsIDocumentTransformer : public nsISupports
{
@ -76,9 +76,9 @@ public:
NS_DECLARE_STATIC_IID_ACCESSOR(NS_IDOCUMENTTRANSFORMER_IID)
NS_IMETHOD Init(nsIPrincipal* aPrincipal) = 0;
NS_IMETHOD SetTransformObserver(nsITransformObserver* aObserver) = 0;
NS_IMETHOD LoadStyleSheet(nsIURI* aUri, nsILoadGroup* aLoadGroup,
nsIPrincipal* aCallerPrincipal) = 0;
NS_IMETHOD LoadStyleSheet(nsIURI* aUri, nsILoadGroup* aLoadGroup) = 0;
NS_IMETHOD SetSourceContentModel(nsIDOMNode* aSource) = 0;
NS_IMETHOD CancelLoads() = 0;

42
content/xslt/src/xslt/txMozillaStylesheetCompiler.cpp
Просмотреть файл

@ -21,6 +21,7 @@
*
* Contributor(s):
* Peter Van der Beken <peterv@propagandism.org>
* Ryan Jones <sciguyryan@gmail.com>
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
@ -436,15 +437,9 @@ CheckLoadURI(nsIURI *aUri, nsIURI *aReferrerUri,
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
if (aReferrerPrincipal) {
rv = securityManager->
CheckLoadURIWithPrincipal(aReferrerPrincipal, aUri,
nsIScriptSecurityManager::STANDARD);
}
else {
rv = securityManager->CheckLoadURI(aReferrerUri, aUri,
nsIScriptSecurityManager::STANDARD);
}
rv = securityManager->
CheckLoadURIWithPrincipal(aReferrerPrincipal, aUri,
nsIScriptSecurityManager::STANDARD);
NS_ENSURE_SUCCESS(rv, NS_ERROR_XSLT_LOAD_BLOCKED_ERROR);
rv = securityManager->CheckSameOriginURI(aReferrerUri, aUri);
@ -465,7 +460,8 @@ class txCompileObserver : public txACompileObserver
{
public:
txCompileObserver(txMozillaXSLTProcessor* aProcessor,
nsILoadGroup* aLoadGroup);
nsILoadGroup* aLoadGroup,
nsIPrincipal* aCallerPrincipal);
virtual ~txCompileObserver();
TX_DECL_ACOMPILEOBSERVER;
@ -477,6 +473,7 @@ protected:
nsAutoRefCnt mRefCnt;
private:
nsCOMPtr<nsIPrincipal> mCallerPrincipal;
nsRefPtr<txMozillaXSLTProcessor> mProcessor;
nsCOMPtr<nsILoadGroup> mLoadGroup;
@ -486,9 +483,11 @@ protected:
};
txCompileObserver::txCompileObserver(txMozillaXSLTProcessor* aProcessor,
nsILoadGroup* aLoadGroup)
nsILoadGroup* aLoadGroup,
nsIPrincipal* aCallerPrincipal)
: mProcessor(aProcessor),
mLoadGroup(aLoadGroup)
mLoadGroup(aLoadGroup),
mCallerPrincipal(aCallerPrincipal)
{
}
@ -531,7 +530,7 @@ txCompileObserver::loadURI(const nsAString& aUri,
NS_ENSURE_SUCCESS(rv, rv);
// Do security check.
rv = CheckLoadURI(uri, referrerUri, nsnull, nsnull);
rv = CheckLoadURI(uri, referrerUri, mCallerPrincipal, nsnull);
NS_ENSURE_SUCCESS(rv, rv);
return startLoad(uri, aCompiler, referrerUri);
@ -607,7 +606,7 @@ TX_LoadSheet(nsIURI* aUri, txMozillaXSLTProcessor* aProcessor,
NS_ENSURE_SUCCESS(rv, rv);
nsRefPtr<txCompileObserver> observer =
new txCompileObserver(aProcessor, aLoadGroup);
new txCompileObserver(aProcessor, aLoadGroup, aCallerPrincipal);
NS_ENSURE_TRUE(observer, NS_ERROR_OUT_OF_MEMORY);
nsRefPtr<txStylesheetCompiler> compiler =
@ -706,18 +705,22 @@ handleNode(nsIDOMNode* aNode, txStylesheetCompiler* aCompiler)
class txSyncCompileObserver : public txACompileObserver
{
public:
txSyncCompileObserver(txMozillaXSLTProcessor* aProcessor);
txSyncCompileObserver(txMozillaXSLTProcessor* aProcessor,
nsIPrincipal* aCallerPrincipal);
virtual ~txSyncCompileObserver();
TX_DECL_ACOMPILEOBSERVER;
protected:
nsRefPtr<txMozillaXSLTProcessor> mProcessor;
nsCOMPtr<nsIPrincipal> mCallerPrincipal;
nsAutoRefCnt mRefCnt;
};
txSyncCompileObserver::txSyncCompileObserver(txMozillaXSLTProcessor* aProcessor)
: mProcessor(aProcessor)
txSyncCompileObserver::txSyncCompileObserver(txMozillaXSLTProcessor* aProcessor,
nsIPrincipal* aCallerPrincipal)
: mProcessor(aProcessor),
mCallerPrincipal(aCallerPrincipal)
{
}
@ -759,7 +762,7 @@ txSyncCompileObserver::loadURI(const nsAString& aUri,
rv = NS_NewURI(getter_AddRefs(referrerUri), aReferrerUri);
NS_ENSURE_SUCCESS(rv, rv);
rv = CheckLoadURI(uri, referrerUri, nsnull, nsnull);
rv = CheckLoadURI(uri, referrerUri, mCallerPrincipal, nsnull);
NS_ENSURE_SUCCESS(rv, rv);
// This is probably called by js, a loadGroup for the channel doesn't
@ -789,6 +792,7 @@ void txSyncCompileObserver::onDoneCompiling(txStylesheetCompiler* aCompiler,
nsresult
TX_CompileStylesheet(nsIDOMNode* aNode, txMozillaXSLTProcessor* aProcessor,
nsIPrincipal* aCallerPrincipal,
txStylesheet** aStylesheet)
{
// If we move GetBaseURI to nsINode this can be simplified.
@ -821,7 +825,7 @@ TX_CompileStylesheet(nsIDOMNode* aNode, txMozillaXSLTProcessor* aProcessor,
NS_ConvertUTF8toUTF16 stylesheetURI(spec);
nsRefPtr<txSyncCompileObserver> obs =
new txSyncCompileObserver(aProcessor);
new txSyncCompileObserver(aProcessor, aCallerPrincipal);
NS_ENSURE_TRUE(obs, NS_ERROR_OUT_OF_MEMORY);
nsRefPtr<txStylesheetCompiler> compiler =

39
content/xslt/src/xslt/txMozillaXSLTProcessor.cpp
Просмотреть файл

@ -66,6 +66,7 @@
#include "jsapi.h"
#include "txExprParser.h"
#include "nsIErrorService.h"
#include "nsIScriptSecurityManager.h"
static NS_DEFINE_CID(kXMLDocumentCID, NS_XMLDOCUMENT_CID);
@ -303,6 +304,7 @@ NS_INTERFACE_MAP_BEGIN(txMozillaXSLTProcessor)
NS_INTERFACE_MAP_ENTRY(nsIXSLTProcessorPrivate)
NS_INTERFACE_MAP_ENTRY(nsIDocumentTransformer)
NS_INTERFACE_MAP_ENTRY(nsIMutationObserver)
NS_INTERFACE_MAP_ENTRY(nsIJSNativeInitializer)
NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIXSLTProcessor)
NS_INTERFACE_MAP_ENTRY_CONTENT_CLASSINFO(XSLTProcessor)
NS_INTERFACE_MAP_END
@ -344,7 +346,7 @@ txMozillaXSLTProcessor::TransformDocument(nsIDOMNode* aSourceDOM,
type == nsIDOMNode::DOCUMENT_NODE,
NS_ERROR_INVALID_ARG);
nsresult rv = TX_CompileStylesheet(aStyleDOM, this,
nsresult rv = TX_CompileStylesheet(aStyleDOM, this, mPrincipal,
getter_AddRefs(mStylesheet));
NS_ENSURE_SUCCESS(rv, rv);
@ -598,7 +600,7 @@ txMozillaXSLTProcessor::ImportStylesheet(nsIDOMNode *aStyle)
type == nsIDOMNode::DOCUMENT_NODE,
NS_ERROR_INVALID_ARG);
nsresult rv = TX_CompileStylesheet(aStyle, this,
nsresult rv = TX_CompileStylesheet(aStyle, this, mPrincipal,
getter_AddRefs(mStylesheet));
// XXX set up exception context, bug 204658
NS_ENSURE_SUCCESS(rv, rv);
@ -1021,10 +1023,9 @@ txMozillaXSLTProcessor::GetFlags(PRUint32* aFlags)
}
NS_IMETHODIMP
txMozillaXSLTProcessor::LoadStyleSheet(nsIURI* aUri, nsILoadGroup* aLoadGroup,
nsIPrincipal* aCallerPrincipal)
txMozillaXSLTProcessor::LoadStyleSheet(nsIURI* aUri, nsILoadGroup* aLoadGroup)
{
nsresult rv = TX_LoadSheet(aUri, this, aLoadGroup, aCallerPrincipal);
nsresult rv = TX_LoadSheet(aUri, this, aLoadGroup, mPrincipal);
if (NS_FAILED(rv) && mObserver) {
// This is most likely a network or security error, just
// use the uri as context.
@ -1184,7 +1185,8 @@ txMozillaXSLTProcessor::ensureStylesheet()
if (!style) {
style = do_QueryInterface(mStylesheetDocument);
}
return TX_CompileStylesheet(style, this, getter_AddRefs(mStylesheet));
return TX_CompileStylesheet(style, this, mPrincipal,
getter_AddRefs(mStylesheet));
}
void
@ -1244,9 +1246,32 @@ txMozillaXSLTProcessor::ContentRemoved(nsIDocument* aDocument,
mStylesheet = nsnull;
}
NS_IMETHODIMP
txMozillaXSLTProcessor::Initialize(JSContext* cx, JSObject* obj,
PRUint32 argc, jsval* argv)
{
nsCOMPtr<nsIPrincipal> prin;
nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
NS_ENSURE_TRUE(secMan, NS_ERROR_UNEXPECTED);
secMan->GetSubjectPrincipal(getter_AddRefs(prin));
NS_ENSURE_TRUE(prin, NS_ERROR_UNEXPECTED);
return Init(prin);
}
NS_IMETHODIMP
txMozillaXSLTProcessor::Init(nsIPrincipal* aPrincipal)
{
NS_ENSURE_ARG_POINTER(aPrincipal);
mPrincipal = aPrincipal;
return NS_OK;
}
/* static*/
nsresult
txMozillaXSLTProcessor::Init()
txMozillaXSLTProcessor::Startup()
{
if (!txXSLTProcessor::init()) {
return NS_ERROR_OUT_OF_MEMORY;

16
content/xslt/src/xslt/txMozillaXSLTProcessor.h
Просмотреть файл

@ -47,6 +47,7 @@
#include "nsIXSLTProcessorPrivate.h"
#include "txExpandedNameMap.h"
#include "txNamespaceMap.h"
#include "nsIJSNativeInitializer.h"
class nsIDOMNode;
class nsIPrincipal;
@ -72,7 +73,8 @@ class txMozillaXSLTProcessor : public nsIXSLTProcessor,
public nsIXSLTProcessorObsolete,
public nsIXSLTProcessorPrivate,
public nsIDocumentTransformer,
public nsStubMutationObserver
public nsStubMutationObserver,
public nsIJSNativeInitializer
{
public:
/**
@ -98,9 +100,9 @@ public:
NS_DECL_NSIXSLTPROCESSORPRIVATE
// nsIDocumentTransformer interface
NS_IMETHOD Init(nsIPrincipal* aPrincipal);
NS_IMETHOD SetTransformObserver(nsITransformObserver* aObserver);
NS_IMETHOD LoadStyleSheet(nsIURI* aUri, nsILoadGroup* aLoadGroup,
nsIPrincipal* aCallerPrincipal);
NS_IMETHOD LoadStyleSheet(nsIURI* aUri, nsILoadGroup* aLoadGroup);
NS_IMETHOD SetSourceContentModel(nsIDOMNode* aSource);
NS_IMETHOD CancelLoads() {return NS_OK;}
NS_IMETHOD AddXSLTParamNamespace(const nsString& aPrefix,
@ -136,7 +138,11 @@ public:
return (mFlags & DISABLE_ALL_LOADS) != 0;
}
static nsresult Init();
// nsIJSNativeInitializer
NS_IMETHODIMP Initialize(JSContext *cx, JSObject *obj,
PRUint32 argc, jsval *argv);
static nsresult Startup();
static void Shutdown();
private:
@ -152,6 +158,7 @@ private:
nsresult mTransformResult;
nsresult mCompileResult;
nsString mErrorText, mSourceText;
nsCOMPtr<nsIPrincipal> mPrincipal;
nsCOMPtr<nsITransformObserver> mObserver;
txOwningExpandedNameMap<txIGlobalParameter> mVariables;
txNamespaceMap mParamNamespaceMap;
@ -166,6 +173,7 @@ extern nsresult TX_LoadSheet(nsIURI* aUri, txMozillaXSLTProcessor* aProcessor,
extern nsresult TX_CompileStylesheet(nsIDOMNode* aNode,
txMozillaXSLTProcessor* aProcessor,
nsIPrincipal* aCallerPrincipal,
txStylesheet** aStylesheet);
#endif

2
layout/build/nsLayoutStatics.cpp
Просмотреть файл

@ -201,7 +201,7 @@ nsLayoutStatics::Initialize()
#endif
nsDOMAttribute::Initialize();
rv = txMozillaXSLTProcessor::Init();
rv = txMozillaXSLTProcessor::Startup();
if (NS_FAILED(rv)) {
NS_ERROR("Could not initialize txMozillaXSLTProcessor");
return rv;